Wireless Security
arp cache poisoning on a wifi network Jul 16 2008 10:51PM
Robin Wood (dninja gmail com) (4 replies)
Re: arp cache poisoning on a wifi network Jul 17 2008 12:11PM
Elton Ramos Carvalho (elton locknet com br) (1 replies)
Re: arp cache poisoning on a wifi network Jul 17 2008 01:34PM
Cedric Blancher (blancher cartel-securite fr) (1 replies)
Re: arp cache poisoning on a wifi network Jul 17 2008 04:14PM
Robin Wood (dninja gmail com)
Re: arp cache poisoning on a wifi network Jul 17 2008 05:32AM
Cedric Blancher (blancher cartel-securite fr)
Re: arp cache poisoning on a wifi network Jul 17 2008 01:45AM
Raul Siles (raul siles gmail com)
RE: arp cache poisoning on a wifi network Jul 16 2008 06:08AM
Sergio Castro (sergio castro unicin net)
According to your description, it should work. You don't have a
switch-router with some sort of anti-arp spoofing enabled, right?

I would recommend you try Cain, that's what I use, and it works every time

- Sergio

-----Mensaje original-----
De: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] En
nombre de Robin Wood
Enviado el: Miércoles, 16 de Julio de 2008 05:52 p.m.
Para: wifisec (at) securityfocus (dot) com [email concealed]
Asunto: arp cache poisoning on a wifi network

Hi
I'm trying to get arp cache poisoning working on my wireless network.
The setup is an AP with IP 192.168.0.100, a client with IP .55 and an
attacker with IP .56. All devices can ping each other and looking at the arp
table shows that they all know the MAC addresses of the others.

I'm trying to use arpspoof to do ARP spoofing against the AP.

On the attacker machine I've used the command:

arpspoof -i ath0 -t 192.168.0.55 192.168.0.100

but get the response

"arpspoof: couldn't arp for the host 192.168.0.55"

If I try the attack the other way so targetting the AP it still fails.

Looking at the FAQ on monkey.org it says that this error is because the
machines must be on the same subnet but they are in this situation, aren't
they?

If not, what is the best way to poison a wireless network?

Robin

__________ NOD32 3274 (20080716) Information __________

This message was checked by NOD32 antivirus system.
http://www.eset.com

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus